BACKGROUND: It has been reported that two schools have closed after hackers broke into their servers, stole data and encrypted pupil information. Officials at the Skinners’ Kent Academy and Skinners’ Kent Primary School said they “cannot be sure” exactly what information hackers have access to. But they urged parents at the Tunbridge Wells schools to contact their banks to let them know that personal details could have been taken. Action Fraud and the National Cyber Security Centre are investigating.
ISBuzz Team
BACKGROUND: Multiple outlets are reporting the NYC Cyber Command first detected the breach on Saturday. The law dept. has over 2,000 employees and services over 1,000 lawyers, who have lost access to the network. Spokeswoman Laura Feyer said the breach occurred on Saturday and that they had limited access to the network on Sunday. In an interview with NY1, Mayor De Blasio confirmed the city law department was the target of a hack but no information was compromised. No ransom was sought. Email accounts were still shut down on Monday.
BACKGROUND: The president and CEO of Colonial Pipeline is giving a public account of the initial hours following the ransomware attack last month. This comes at an interesting time as elsewhere, EU officials are negotiating the details of a draft bill that will increase cybersecurity requirements on critical companies such as energy and electricity suppliers, as well as technology suppliers like cloud-computing companies.
BACKGROUND: A new study has warned of a vast network of bot accounts that have been set up to propagate misinformation and undermine critical expert advice on the COVID-19 crisis. Researchers from the University of California San Diego, the George Washington University and Johns Hopkins University assessed the spread of false information in public Facebook groups known to be heavily influenced by bots.
BACKGROUND: Amazon has now implemented its controversial ‘Sidewalk’ initiative, an experimental service that will automatically turn every Echo speaker, Ring camera and other Amazon device into a shared wireless network. It works by sharing a small slice of internet bandwidth with nearby neighbours who don’t have a connection (and vice versa) so as to create city-wide ‘mesh networks’ that help keep Amazon devices connected at all times even when home wifi is unavailable. Naturally, this raises a number of stark cybersecurity concerns.
According to the latest research by Agari, 50% of compromised accounts were accessed within 12 hours and 91% of all accounts were manually accessed by threat actors within the first week. Once attackers gained access to the compromised accounts, it became apparent that they wanted to identify high-value targets who have access to a company’s financial information or payment system so that they could send vendor email compromise scams more effectively.
Crippling ransomware attacks are hitting businesses, governments, and the public sector with alarming regularity. The severity of the situation is such that the White House has taken the unprecedented step of issuing a warning to the private sector, urging firms to step up in light of these attacks. However, while a warning from the oval office is a step in the right direction, some cybersecurity experts are calling it too little too late.
It has been reported that the UK’s leading cybersecurity authority has updated its guidance on ransomware following a spate of attacks on the education sector. GCHQ spin-off, the National Cyber Security Centre (NCSC), said it was investigating another rise in threats targeting schools, universities, and colleges.“Ransomware attacks can have a devastating impact on organizations, with victims requiring a significant amount of recovery time to reinstate critical services. These events can also be high profile in nature, with wide public and media interest,” the NCSC said. “In recent incidents affecting the education sector, ransomware has led to the loss of student coursework, school financial records as…
BACKGROUND: A new malware designed to compromise Kubernetes and create backdoors into businesses. This new malware has been active for more than a year and is compromising Windows containers to compromise Kubernetes clusters, using various container escape tactics to achieve code execution on the underlying Kubernetes node.
BACKGROUND: The US investigators have recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, the Justice Department announced Monday. Specifically, the Justice Department said it seized approximately $2.3 million in Bitcoins paid to individuals in a criminal hacking group known as DarkSide. The FBI said it has been investigating DarkSide, which is said to share its malware tools with other criminal hackers, for over a year.